Page 1 of 1
How do SSL certificates work?
Posted: Mon Jun 14, 2010 8:53 am
by storr
So clients connect on irc.example.com which will direct them to either on of those servers via multiple A records.
Now what CN (common name) certificate should I use for each server irc.example.com for both? Or one.example.com and two.example.com?
Re: How do SSL certificates work?
Posted: Mon Jun 14, 2010 3:54 pm
by Stealth
The CN should be example.com, and the host name may be a couple things. If you want a different cert for each server, you would make the host name irc.example.com or one.example.com or two.example.com If you want to use the same cert for all your servers, you would use *.example.com for the hostname.
Also, if you are using a RR DNS, and have irc.example.com redirect to one.example.com and two.example.com, you will likely end up with certificate verification problems since the servername is sent AFTER the SSL connection is verified. So making your certs one.example.com and two.example.com will require users to specifically connect to those servers.